Privacy Policy

1. Controller

The controller responsible for data processing on this website (christophernett.com) is:

Christopher Nett
c/o Postflex #9164
Emsdettener Str. 10
48268 Greven
Germany
E-mail: contact@christophernett.com

2. Overview of Data Processing

We process personal data only to the extent necessary to provide this website and its content reliably and securely. Personal data is processed in two ways:

• Data you provide directly — for example, your e-mail address when you subscribe to the newsletter, or your name, e-mail address, and message when you use the contact form.
• Technical data generated when you visit the website — for example, IP address, browser type, operating system, and time of access, which are processed by our hosting infrastructure.

We use this data to operate the website, ensure its security, respond to inquiries, send the newsletter, and — only with your consent — analyze how the website is used.

3. Hosting and Infrastructure

This website is hosted as an Azure Static Web App on Microsoft Azure (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA). The contact form is processed by a serverless function (Azure Functions) running on the same platform.

When you visit this website, the hosting infrastructure automatically processes technical data such as your IP address, browser type, operating system, referrer URL, and time of access. This data is required to deliver the website reliably and securely. Details can be found in Microsoft's privacy statement: https://privacy.microsoft.com/en-us/privacystatement

The legal basis for this processing is Art. 6(1)(f) GDPR — our legitimate interest in the reliable and secure presentation of our website.

4. Legal Bases

Depending on the type of processing, we rely on the following legal bases:

• Art. 6(1)(a) GDPR — consent (e.g., newsletter, analytics)
• Art. 6(1)(b) GDPR — performance of a contract or pre-contractual measures (e.g., inquiries related to a contract)
• Art. 6(1)(c) GDPR — compliance with legal obligations
• Art. 6(1)(f) GDPR — legitimate interests (e.g., secure and reliable website operation)
• § 25 TDDDG — storage of or access to information on your device (e.g., analytics cookies only with your consent; strictly necessary storage without consent)

5. International Data Transfers

Some of the services we use (Microsoft, Google, Kit) are operated by companies based in the USA or may process data outside the European Union. Where personal data is transferred to third countries, this is done on the basis of appropriate safeguards, in particular the EU Standard Contractual Clauses and/or an adequacy decision such as the EU-U.S. Data Privacy Framework, where the respective provider is certified.

Please note that despite these safeguards, a level of data protection fully comparable to that in the EU cannot be guaranteed in all third countries.

6. Data Retention

Unless a more specific retention period is stated in this privacy policy, personal data remains with us only as long as necessary for the purpose for which it was processed. If you assert a justified request for erasure or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining it (e.g., statutory retention periods under tax or commercial law).

7. Your Rights

You have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to withdraw consent at any time with effect for the future (Art. 7(3) GDPR)

To exercise any of these rights, contact us at contact@christophernett.com.

You also have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf, Germany
https://www.ldi.nrw.de

8. Data Processing on This Website

SSL/TLS Encryption

This website uses SSL/TLS encryption for all connections. You can recognize an encrypted connection by the "https://" prefix and the lock symbol in your browser's address bar.

Cookies and Consent

Our own code does not set any cookies without your consent. On your first visit, a consent banner gives you the choice to accept or reject analytics cookies. Without your explicit consent, no analytics cookies are set and no tracking takes place.

Your choice is stored in your browser's local storage under the key cn_cookie_consent (value: "accepted" or "rejected"). This storage is strictly necessary to remember your decision and not show the banner again (§ 25(2) TDDDG, Art. 6(1)(f) GDPR).

You can withdraw your consent at any time by deleting the website data for this domain in your browser settings. On your next visit, the consent banner will be shown again.

Web Analytics (Google Analytics 4)

Only if you give your consent via the consent banner, this website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google Analytics uses cookies (_ga and _ga_*, duration: 2 years) to analyze how visitors use the website. This information is generally transmitted to a Google server in the USA and stored there. We use Google Consent Mode v2 with all storage signals set to "denied" by default — Google Analytics is only loaded and activated after your explicit consent. IP addresses are anonymized.

The legal basis is your consent (Art. 6(1)(a) GDPR, § 25(1) TDDDG). You can withdraw your consent at any time as described above. More information on how Google handles user data: https://policies.google.com/privacy

Newsletter (Kit)

For sending our free "Nett Academy Newsletter" we use Kit (Kit/ConvertKit LLC, 750 Hammond Dr, Building 12, Suite 200, Atlanta, GA 30328, USA). When you fill in and submit the subscription form on this website, the e-mail address you enter is transmitted to and stored by Kit in order to send you the newsletter.

Subscription uses a double opt-in process: after signing up, you receive an e-mail in which you must confirm your subscription. The legal basis for the processing is your consent (Art. 6(1)(a) GDPR). You can unsubscribe at any time, for example via the unsubscribe link at the end of every newsletter e-mail; this also withdraws your consent.

More information on how Kit handles your data: https://kit.com/privacy

Contact Form

If you use the contact form, the data you enter (name, e-mail address, subject, message) is processed by a serverless function on Microsoft Azure and forwarded to our inbox by e-mail via Azure Communication Services. Your IP address is processed transiently to prevent abuse (rate limiting) and is not stored permanently by us.

The legal basis is Art. 6(1)(b) GDPR insofar as your inquiry is related to a contract or pre-contractual measures; in all other cases, our legitimate interest in handling inquiries directed to us effectively (Art. 6(1)(f) GDPR).

The data you submit remains with us until you request its deletion, withdraw your consent to its storage, or the purpose for storing it no longer applies. Mandatory statutory provisions — in particular retention periods — remain unaffected.

Contact by E-mail

If you contact us by e-mail, your inquiry including the contact details you provide will be stored by us for the purpose of processing your request and in case of follow-up questions. We do not pass this data on without your consent. The legal bases are the same as for the contact form.

Fonts

The fonts used on this website are hosted locally on our own infrastructure. No connection to external font providers (such as Google Fonts servers) is established when you visit this website.

External Links

This website contains links to external platforms and services, in particular to our courses on Udemy (Udemy, Inc., San Francisco, USA) and Teachable (Teachable, Inc., New York, USA) as well as to our profiles on LinkedIn and YouTube. We do not embed third-party content directly on this website — no data is transmitted to these providers until you click such a link.

Once you follow an external link, the data processing of the respective platform applies, for which the respective provider is solely responsible. Please refer to their privacy policies for details.